ZeroMemoryEx / Wizard-Loader

Related projects ⓘ

Alternatives and complementary repositories for Wizard-Loader

• aplyc1a / PEMemoryLoader
  Load static-compiled PE from remote server.
  ☆58Updated 2 years ago
• 0xHossam / HuffLoader
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader
  ☆84Updated 8 months ago
• SaadAhla / D1rkSleep
  Improved version of EKKO by @5pider that Encrypts only Image Sections
  ☆113Updated last year
• Octoberfest7 / KillDefender
  A small (Edited) POC to make defender useless by removing its token privileges and lowering the token integrity
  ☆32Updated 2 years ago
• WKL-Sec / StackMask
  A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
  ☆55Updated last year
• reveng007 / ReflectiveNtdll
  A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…
  ☆165Updated last year
• Konis-Bros / espio
  Shellcode obfuscation tool to avoid AV/EDR.
  ☆108Updated last year
• RistBS / ContextMenuHijack
  Execute a payload at each right click on a file/folder in the explorer menu for persistence
  ☆165Updated last year
• ZeroMemoryEx / Overlord
  abusing Process Hacker driver to terminate other processes (BYOVD)
  ☆79Updated last year
• ASkyeye / FilelessRemotePE
  Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
  ☆61Updated 2 years ago
• MastMind / PE-infector
  Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)
  ☆53Updated 6 months ago
• ProcessusT / UnhookingDLL
  This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…
  ☆67Updated 9 months ago
• Hagrid29 / BYOVDKit
  bring your own vulnerable driver
  ☆81Updated last year
• S12cybersecurity / S12URootkit
  User Mode Windows Rootkit
  ☆54Updated 10 months ago
• Cobalt-Strike / sleepmask-vs
  A simple Sleepmask BOF example
  ☆53Updated 2 months ago
• fern89 / C2
  A basic C2 framework written in C
  ☆58Updated 4 months ago
• naksyn / DojoLoader
  Generic PE loader for fast prototyping evasion techniques
  ☆185Updated 4 months ago
• hackerhouse-opensource / ColorDataProxyUACBypass
  Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…
  ☆135Updated 2 years ago
• evilashz / PigSyscall
  An implementation of an indirect system call
  ☆116Updated last year
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆41Updated 8 months ago
• alfarom256 / StinkyLoader
  It stinks
  ☆100Updated 2 years ago
• ProcessusT / SharpVenoma
  CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
  ☆40Updated 7 months ago
• Mav3rick33 / ZenLdr
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆95Updated last year
• AzAgarampur / byeintegrity9-uac
  ☆35Updated last year
• ProcessusT / Venoma
  Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
  ☆164Updated 8 months ago
• YOLOP0wn / EchoDrv
  Exploitation of echo_driver.sys
  ☆167Updated last year